France Believes Russia Hacked TV5Monde Posing as ISIS Hackers

The involvement of a Russian hacking group posing as ISIS/ISIL militants in the April cyberattack that crippled a French-language broadcaster has been identified, claims French investigating team.

The latest findings have raised questions about the hidden agenda behind such an assault that initially appeared to be aimed at spreading extremist propaganda.

The “CyberCaliphate” group targeted and took control of BBC News transmission and TV5Monde’s Paris headquarters’ computer systems on April 8 and posted a pro-ISIS message on the channel’s social media accounts. The hackers also blacked out the company’s global TV channels for a few hours.

First impressions were that this attack was a new level of sophistication in cyberattack prowess has been achieved by the militant group.

However, further investigations into the matter revealed startling facts about the real perpetrators behind the TV5Monde attack.

An official spokesperson of the Paris prosecutor’s office announced that the real hackers could possibly be part of a Russian group that calls itself APT28 or Pawn Storm, reports The Wall Street Journal.

Evidence suggest that the IP addresses used for hosting a website of CyberCaliphate were involved in the attack as well as other techniques were employed by the hackers. The information matched those deployed in the previous attacks from the Russian group.

According to the spokesperson:

“We’re focusing on the Russian angle.” She also added that currently there is currently no substantial proof of involvement of Islamic State.

The Russian government, however, has denied its involvement in hacking whereas U.S cybersecurity firms suspect circumstantial evidence show government’s’ sponsorship of hacker groups including the one identified by the French government.

The Europe, Middle East and Africa branches President of cybersecurity firm FireEye Inc., Richard Turner stated:

“All of our attribution tends to suggest this is an organization that is focused on furthering the objectives or gathering intelligence that is of use to the Russian government. The evidence points to a nation-state.”

The firm states that its team independently verified the hack attack and it turned out that the attacker used infrastructure that was linked to APT28. Moreover, there is evidence available suggesting that the same group had set eyes on TV5Monde since February.

Add your comments:

is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in Milan, Italy